Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4756 matches found

Hacker One
Hacker Oneadded 2023/09/22 7:22 p.m.50 views

PlayStation: Remote vulnerabilities in spp

A vulnerability was discovered in the spp PPPoE implementation on the PS4/PS5. The vulnerability could allow a malicious PPPoE server to cause a heap buffer overwrite and overread, potentially leading to denial-of-service or remote code execution in kernel context. The vulnerability was caused by...

10CVSS7.2AI score0.11319EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2023/09/21 12:0 a.m.36 views

Fedora 37 : freerdp (2023-5e6796cb83)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5e6796cb83 advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

9.8CVSS6.5AI score0.01529EPSS
Exploits12References13
RedhatCVE
RedhatCVEadded 2023/09/20 5:25 p.m.43 views

CVE-2023-38427

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemblenegcontexts...

9.8CVSS6.6AI score0.01129EPSS
Exploits0References3
OSV
OSVadded 2023/09/15 11:5 a.m.1 views

OESA-2023-1656 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp and wlfreerdp. Security Fixes: FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache...

9.8CVSS7AI score0.01529EPSS
Exploits12References13
Tenable Nessus
Tenable Nessusadded 2023/09/10 12:0 a.m.22 views

Fedora 38 : freerdp (2023-10e43bcebb)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-10e43bcebb advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

9.8CVSS6.5AI score0.01529EPSS
Exploits12References13
OSV
OSVadded 2023/09/08 9:56 p.m.3 views

USN-6355-1 grub2-signed, grub2-unsigned, shim, and shim-signed vulnerability

Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. CVE-2021-3695 Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local...

8.1CVSS6.8AI score0.01284EPSS
Exploits0References12
Ubuntu
Ubuntuadded 2023/09/08 12:0 a.m.102 views

USN-6355-1: GRUB2 vulnerabilities

Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. CVE-2021-3695 Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local...

8.1CVSS6.8AI score0.01284EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2023/09/07 12:0 a.m.23 views

Oracle Linux 8 : virt:ol (ELSA-2019-3345)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3345 advisory. - tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

7.5CVSS7.4AI score0.05546EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2023/09/07 12:0 a.m.17 views

Oracle Linux 7 : libguestfs-winsupport (ELSA-2019-2308)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-2308 advisory. 7.2-3 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root privilege escalation resolves: rhbz1698502 Tenable has extracted the preceding...

7CVSS6.6AI score0.00531EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2023/09/07 12:0 a.m.72 views

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2023-2757)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2757 advisory. - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 - Fixes: CVE-2021-46790, CVE-2022-30783, CVE-2022-30784, CVE-2022-30785,...

9.8CVSS7.4AI score0.05552EPSS
Exploits2References8
RedhatCVE
RedhatCVEadded 2023/09/05 3:14 p.m.32 views

CVE-2023-39350

A flaw was found in FreeRDP. When an insufficient blockLen value is provided and proper length validation is not performed, an Integer Underflow can occur, leading to a Denial of Service DOS...

7.5CVSS7.6AI score0.01385EPSS
Exploits1References4
Veracode
Veracodeadded 2023/09/05 3:11 a.m.19 views

Out-Of-Bound Read

libfreerdp.so is vulnerable to Out-Of-Bound Read. The vulnerability exists due to the integer underflow in the cBitsRemaining calculation in the zgfxdecompresssegment function of zgfx.c, which allows an attacker to read data beyond the transmitted packet range in the context of CopyMemory, leadin...

9.1CVSS6.6AI score0.01432EPSS
Exploits1References10Affected Software1
RedhatCVE
RedhatCVEadded 2023/09/02 12:26 a.m.18 views

CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

7.5CVSS6.9AI score0.01432EPSS
Exploits1References4
NVD
NVDadded 2023/08/31 10:15 p.m.13 views

CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

9.1CVSS7.1AI score0.01432EPSS
Exploits1References9
AlpineLinux
AlpineLinuxadded 2023/08/31 10:15 p.m.24 views

CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

9.1CVSS7AI score0.01432EPSS
Exploits1
OSV
OSVadded 2023/08/31 10:15 p.m.2 views

DEBIAN-CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

9.1CVSS6.9AI score0.01432EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2023/08/31 10:15 p.m.23 views

CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

9.1CVSS6.7AI score0.01432EPSS
Exploits1References5
Prion
Prionadded 2023/08/31 10:15 p.m.17 views

Integer overflow

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

6.4CVSS9.1AI score0.01432EPSS
Exploits1References8Affected Software3
OSV
OSVadded 2023/08/31 10:15 p.m.0 views

UBUNTU-CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...

9.1CVSS6.7AI score0.01432EPSS
Exploits1References6
CVE
CVEadded 2023/08/31 9:6 p.m.96 views

CVE-2023-40181

CVE-2023-40181 (FreeRDP) is an integer-underflow in the zgfx_decompress_segment path that can cause an out-of-bounds read during CopyMemory, potentially crashing the client. Affected are FreeRDP variants implementing RDP; the issue is fixed in versions 2.11.0 and 3.0.0-beta3. The vulnerability st...

9.1CVSS7.1AI score0.01432EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder